On 10/11/10 05:15, mrmmm wrote:
>
>
> Amos Jeffries-2 wrote:
>>
>> Your initial message said "among other stuff I have". The conclusion
>> then has to be that somewhere in that other stuff is http_access rules
>> which bypass the ones you mentioned here.
>>
>> Amos
>> --
>>
>
> By "other stuff" i mean specific deny entries.
*all* of them? not one single "http_access allow" somewhere up top?
> Most of them are of type "URL
> Regexp" and have just one entry per rule, and they work fine. It seems that
> the problem is that for some reason when I have multiple entries per rule (a
> file with a list of sites) it is not denying them properly. However, it does
> appear that Squid reads them because I put a couple of duplicates in the
> file (on purpose) and when squid loads I get the message:
>
> WARNING: '.resize.yandex.net' is a subdomain of 'resize.yandex.net'
> WARNING: because of this 'resize.yandex.net' is ignored to keep splay tree
> searching predictable
> WARNING: You should probably remove '.resize.yandex.net' from the ACL named
> 'denybadsites'
>
oooh. You were talking about regex ACL not working then provide an
example of a dstdomain error. Mixing or crossing patterns could be the
source of your failure.
What is your *full* config please? along with the output of "squid -v"
Amos
-- Please be using Current Stable Squid 2.7.STABLE9 or 3.1.9 Beta testers wanted for 3.2.0.3Received on Thu Nov 11 2010 - 09:48:39 MST
This archive was generated by hypermail 2.2.0 : Thu Nov 11 2010 - 12:00:06 MST